gbanyan/grafana-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6e33e1a65e708c8c1fc0222cf018938a5e600480
grafana-dashboard/GBarmUB/crowdsec-security-dashboard-gbarmub.json
gbanyan 08ac297dc4 Initial Grafana provisioning dashboards
2025-10-27 19:03:20 +08:00

1921 lines
47 KiB
JSON
Raw Blame History

{
"apiVersion": "dashboard.grafana.app/v0alpha1",
"kind": "Dashboard",
"metadata": {
"name": "270488bc-baf3-4db4-88a1-8c2e56ad84b8"
},
"spec": {
"panels": [
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 10
},
{
"color": "red",
"value": 50
}
]
}
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"colorMode": "value",
"graphMode": "area",
"justifyMode": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "cs_active_decisions{instance=\"192.168.50.4:6060\"}",
"refId": "A"
}
],
"title": "活躍決策數 (Active Decisions)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 100
},
{
"color": "red",
"value": 500
}
]
}
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 6,
"y": 0
},
"id": 2,
"options": {
"colorMode": "value",
"graphMode": "area",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(increase(cs_alerts{instance=\"192.168.50.4:6060\"}[24h]))",
"refId": "A"
}
],
"title": "總警報數 (Total Alerts)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
}
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 12,
"y": 0
},
"id": 3,
"options": {
"colorMode": "value",
"graphMode": "none",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "count(count by (bouncer) (cs_lapi_bouncer_requests_total{instance=\"192.168.50.4:6060\"}))",
"refId": "A"
}
],
"title": "Bouncer 連接數",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
}
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 18,
"y": 0
},
"id": 4,
"options": {
"colorMode": "value",
"graphMode": "none",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "count(count by (machine) (cs_lapi_machine_requests_total{instance=\"192.168.50.4:6060\"}))",
"refId": "A"
}
],
"title": "Machine 連接數",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 10,
"lineInterpolation": "smooth"
},
"unit": "reqps"
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 4
},
"id": 5,
"options": {
"legend": {
"calcs": [
"last",
"max"
],
"displayMode": "table",
"placement": "right"
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "rate(cs_alerts{instance=\"192.168.50.4:6060\"}[5m])",
"legendFormat": "{{reason}} - {{origin}}",
"refId": "A"
}
],
"title": "警報趨勢 (Alert Trends)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 10,
"lineInterpolation": "smooth"
}
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 4
},
"id": 6,
"options": {
"legend": {
"calcs": [
"last",
"max"
],
"displayMode": "table",
"placement": "right"
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "cs_active_decisions{instance=\"192.168.50.4:6060\"}",
"legendFormat": "{{reason}} - {{origin}}",
"refId": "A"
}
],
"title": "活躍決策趨勢 (Active Decisions Over Time)",
"type": "timeseries"
},
{
"gridPos": {
"h": 8,
"w": 8,
"x": 0,
"y": 12
},
"id": 7,
"options": {
"legend": {
"displayMode": "table",
"placement": "right",
"values": [
"value",
"percent"
]
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum by (origin) (cs_active_decisions{instance=\"192.168.50.4:6060\"})",
"refId": "A"
}
],
"title": "決策來源分布 (Decisions by Origin)",
"type": "piechart"
},
{
"gridPos": {
"h": 8,
"w": 8,
"x": 8,
"y": 12
},
"id": 8,
"options": {
"legend": {
"displayMode": "table",
"placement": "right",
"values": [
"value",
"percent"
]
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum by (reason) (cs_active_decisions{instance=\"192.168.50.4:6060\"})",
"refId": "A"
}
],
"title": "決策原因分布 (Decisions by Reason)",
"type": "piechart"
},
{
"gridPos": {
"h": 8,
"w": 8,
"x": 16,
"y": 12
},
"id": 9,
"options": {
"legend": {
"displayMode": "table",
"placement": "right",
"values": [
"value",
"percent"
]
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum by (type) (cs_active_decisions{instance=\"192.168.50.4:6060\"})",
"refId": "A"
}
],
"title": "決策類型分布 (Decisions by Type)",
"type": "piechart"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 20,
"lineInterpolation": "smooth"
},
"unit": "ops"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 20
},
"id": 10,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "rate(cs_bucket_overflowed_total{instance=\"192.168.50.4:6060\"}[5m])",
"legendFormat": "{{name}}",
"refId": "A"
}
],
"title": "Bucket 溢出率 (Bucket Overflow Rate)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"lineInterpolation": "smooth"
},
"unit": "s"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 20
},
"id": 11,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "rate(cs_bucket_pour_seconds_sum{instance=\"192.168.50.4:6060\"}[5m]) / rate(cs_bucket_pour_seconds_count{instance=\"192.168.50.4:6060\"}[5m])",
"legendFormat": "平均處理時間",
"refId": "A"
}
],
"title": "Bucket 處理時間 (Bucket Processing Time)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 20,
"lineInterpolation": "smooth"
},
"unit": "reqps"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 27
},
"id": 12,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_lapi_bouncer_requests_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "Bouncer 請求",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_lapi_machine_requests_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "Machine 請求",
"refId": "B"
}
],
"title": "LAPI 請求率 (LAPI Request Rate)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"lineInterpolation": "smooth"
},
"unit": "s"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 27
},
"id": 13,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "histogram_quantile(0.95, rate(cs_lapi_request_duration_seconds_bucket{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "P95 延遲",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "histogram_quantile(0.99, rate(cs_lapi_request_duration_seconds_bucket{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "P99 延遲",
"refId": "B"
}
],
"title": "LAPI 請求延遲 (LAPI Request Duration)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 20,
"lineInterpolation": "smooth"
},
"unit": "ops"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 34
},
"id": 14,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_parser_hits_ok_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "成功",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_parser_hits_ko_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "失敗",
"refId": "B"
}
],
"title": "解析器命中率 (Parser Hit Rate)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"lineInterpolation": "smooth"
},
"unit": "s"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 34
},
"id": 15,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "rate(cs_parsing_time_seconds_sum{instance=\"192.168.50.4:6060\"}[5m]) / rate(cs_parsing_time_seconds_count{instance=\"192.168.50.4:6060\"}[5m])",
"legendFormat": "平均解析時間",
"refId": "A"
}
],
"title": "解析時間 (Parsing Time)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 20,
"lineInterpolation": "smooth"
},
"unit": "ops"
}
},
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 41
},
"id": 16,
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_node_hits_ok_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "成功命中",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "sum(rate(cs_node_hits_ko_total{instance=\"192.168.50.4:6060\"}[5m]))",
"legendFormat": "失敗命中",
"refId": "B"
}
],
"title": "節點命中統計 (Node Hits)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "source"
},
"properties": [
{
"id": "displayName",
"value": "來源"
}
]
},
{
"matcher": {
"id": "byName",
"options": "Value"
},
"properties": [
{
"id": "displayName",
"value": "警報數"
}
]
}
]
},
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 41
},
"id": 17,
"options": {
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "Value"
}
]
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "ff1qkncht70n4c"
},
"expr": "topk(10, sum by (source) (increase(cs_alerts{instance=\"192.168.50.4:6060\"}[1h])))",
"format": "table",
"instant": true,
"refId": "A"
}
],
"title": "前 10 個警報來源 (Top 10 Alert Sources)",
"type": "table"
},
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 48
},
"id": 18,
"title": "📋 Loki 日誌區域",
"type": "row"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 10
},
{
"color": "orange",
"value": 30
},
{
"color": "red",
"value": 50
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 0,
"y": 49
},
"id": 28,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" [1h]))",
"refId": "A"
}
],
"title": "🚫 IP 封鎖數 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 5
},
{
"color": "red",
"value": 15
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 6,
"y": 49
},
"id": 29,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"ssh.*ban on Ip\" [1h]))",
"refId": "A"
}
],
"title": "🔐 SSH 封鎖 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 10
},
{
"color": "red",
"value": 25
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 12,
"y": 49
},
"id": 30,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"http.*ban on Ip\" [1h]))",
"refId": "A"
}
],
"title": "🌐 HTTP 攻擊 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 1
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 18,
"y": 49
},
"id": 31,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"CVE.*ban on Ip\" [1h]))",
"refId": "A"
}
],
"title": "⚠️ CVE 漏洞 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"drawStyle": "line",
"fillOpacity": 30,
"lineInterpolation": "smooth"
},
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 53
},
"id": 32,
"options": {
"legend": {
"calcs": [
"last",
"sum"
],
"displayMode": "table",
"placement": "bottom"
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" [5m]))",
"legendFormat": "封鎖數",
"refId": "A"
}
],
"title": "📈 IP 封鎖趨勢 (Ban Trend)",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 10,
"lineInterpolation": "smooth"
},
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 53
},
"id": 33,
"options": {
"legend": {
"calcs": [
"last",
"max"
],
"displayMode": "table",
"placement": "bottom"
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"ssh-slow-bf\" [5m]))",
"legendFormat": "SSH 暴力",
"refId": "A"
},
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"http-probing\" [5m]))",
"legendFormat": "HTTP 探測",
"refId": "B"
},
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"http-backdoors\" [5m]))",
"legendFormat": "後門嘗試",
"refId": "C"
},
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} |~ \"wordpress\" [5m]))",
"legendFormat": "WordPress",
"refId": "D"
}
],
"title": "🔍 攻擊類型 (Attack Types)",
"type": "timeseries"
},
{
"gridPos": {
"h": 12,
"w": 12,
"x": 0,
"y": 61
},
"id": 34,
"options": {
"enableLogDetails": true,
"prettifyLogMessage": false,
"showTime": true,
"sortOrder": "Descending",
"wrapLogMessage": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "{job=\"security/crowdsec-main\"} |~ \"ban on Ip\"",
"refId": "A"
}
],
"title": "🚫 被封鎖 IP 日誌 (Banned IPs)",
"type": "logs"
},
{
"gridPos": {
"h": 12,
"w": 12,
"x": 12,
"y": 61
},
"id": 35,
"options": {
"enableLogDetails": true,
"prettifyLogMessage": false,
"showTime": true,
"sortOrder": "Descending",
"wrapLogMessage": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "{job=\"security/crowdsec-main\"} |~ \"performed\"",
"refId": "A"
}
],
"title": "🎯 攻擊詳情 (Attack Details)",
"type": "logs"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 100
},
{
"color": "orange",
"value": 1000
},
{
"color": "red",
"value": 5000
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 0,
"y": 73
},
"id": 19,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-firewall\"} |~ \"decision.*added\" [1h]))",
"refId": "A"
}
],
"title": "決策新增 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "blue",
"value": 10
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 6,
"y": 73
},
"id": 20,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-firewall\"} |~ \"decision.*deleted\" [1h]))",
"refId": "A"
}
],
"title": "決策刪除 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 1000
},
{
"color": "red",
"value": 5000
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 12,
"y": 73
},
"id": 21,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-api\"} [1h]))",
"refId": "A"
}
],
"title": "API 請求 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 100
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 4,
"w": 6,
"x": 18,
"y": 73
},
"id": 22,
"options": {
"colorMode": "value",
"graphMode": "area",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"values": false
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-main\"} [1h]))",
"refId": "A"
}
],
"title": "主程序日誌 (1小時)",
"type": "stat"
},
{
"fieldConfig": {
"defaults": {
"custom": {
"drawStyle": "line",
"fillOpacity": 10,
"lineInterpolation": "smooth"
},
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 77
},
"id": 23,
"options": {
"legend": {
"calcs": [
"last",
"max",
"mean"
],
"displayMode": "table",
"placement": "bottom"
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-api\"} |~ \"crowdsec-firewall-bouncer\" [1m]))",
"legendFormat": "Firewall Bouncer",
"refId": "A"
},
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-api\"} |~ \"Crowdsec-Bouncer-Traefik\" [1m]))",
"legendFormat": "Traefik Bouncer",
"refId": "B"
}
],
"title": "Bouncer 請求",
"type": "timeseries"
},
{
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"drawStyle": "bars",
"fillOpacity": 80
},
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 77
},
"id": 24,
"options": {
"legend": {
"calcs": [
"last",
"sum"
],
"displayMode": "table",
"placement": "bottom"
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-firewall\"} |~ \"added\" [1m]))",
"legendFormat": "Added",
"refId": "A"
},
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum(count_over_time({job=\"security/crowdsec-firewall\"} |~ \"deleted\" [1m]))",
"legendFormat": "Deleted",
"refId": "B"
}
],
"title": "決策變更",
"type": "timeseries"
},
{
"gridPos": {
"h": 10,
"w": 24,
"x": 0,
"y": 85
},
"id": 25,
"options": {
"enableLogDetails": true,
"prettifyLogMessage": false,
"showTime": true,
"sortOrder": "Descending",
"wrapLogMessage": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "{job=\"security/crowdsec-api\"}",
"refId": "A"
}
],
"title": "API 活動日誌",
"type": "logs"
},
{
"gridPos": {
"h": 10,
"w": 12,
"x": 0,
"y": 95
},
"id": 26,
"options": {
"enableLogDetails": true,
"prettifyLogMessage": false,
"showTime": true,
"sortOrder": "Descending",
"wrapLogMessage": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "{job=\"security/crowdsec-firewall\"}",
"refId": "A"
}
],
"title": "防火牆決策日誌",
"type": "logs"
},
{
"gridPos": {
"h": 10,
"w": 12,
"x": 12,
"y": 95
},
"id": 27,
"options": {
"enableLogDetails": true,
"prettifyLogMessage": false,
"showTime": true,
"sortOrder": "Descending",
"wrapLogMessage": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "{job=\"security/crowdsec-main\"}",
"refId": "A"
}
],
"title": "主程序日誌",
"type": "logs"
},
{
"fieldConfig": {
"overrides": [
{
"matcher": {
"id": "byName",
"options": "ip"
},
"properties": [
{
"id": "displayName",
"value": "IP 地址"
},
{
"id": "custom.width",
"value": 150
}
]
},
{
"matcher": {
"id": "byName",
"options": "country"
},
"properties": [
{
"id": "displayName",
"value": "🌍 國家"
},
{
"id": "custom.width",
"value": 80
}
]
},
{
"matcher": {
"id": "byName",
"options": "asn"
},
"properties": [
{
"id": "displayName",
"value": "ASN"
},
{
"id": "custom.width",
"value": 100
}
]
},
{
"matcher": {
"id": "byName",
"options": "Value"
},
"properties": [
{
"id": "displayName",
"value": "封鎖次數"
},
{
"id": "custom.cellOptions",
"value": {
"type": "color-background"
}
},
{
"id": "custom.width",
"value": 120
}
]
}
]
},
"gridPos": {
"h": 10,
"w": 12,
"x": 0,
"y": 53
},
"id": 36,
"options": {
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "封鎖次數"
}
]
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "topk(20, sum by (ip, country, asn) (count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" | pattern `\u003c_\u003e by ip \u003cip\u003e (\u003ccountry\u003e/\u003casn\u003e) : \u003c_\u003e` [6h])))",
"instant": true,
"refId": "A"
}
],
"title": "🌍 Top 20 被封鎖 IP (帶地理位置)",
"transformations": [
{
"id": "labelsToFields",
"options": {
"mode": "columns"
}
},
{
"id": "organize",
"options": {
"excludeByName": {
"Time": true
},
"indexByName": {
"Value": 3,
"asn": 2,
"country": 1,
"ip": 0
},
"renameByName": {}
}
},
{
"id": "sortBy",
"options": {
"sort": [
{
"desc": true,
"field": "Value"
}
]
}
}
],
"type": "table"
},
{
"fieldConfig": {
"overrides": [
{
"matcher": {
"id": "byName",
"options": "rule"
},
"properties": [
{
"id": "displayName",
"value": "⚠️ 規則名稱"
},
{
"id": "custom.width",
"value": 300
}
]
},
{
"matcher": {
"id": "byName",
"options": "Value"
},
"properties": [
{
"id": "displayName",
"value": "觸發次數"
},
{
"id": "custom.cellOptions",
"value": {
"type": "color-background"
}
},
{
"id": "thresholds",
"value": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 5
},
{
"color": "orange",
"value": 20
},
{
"color": "red",
"value": 50
}
]
}
}
]
}
]
},
"gridPos": {
"h": 10,
"w": 12,
"x": 12,
"y": 53
},
"id": 37,
"options": {
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "觸發次數"
}
]
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "topk(15, sum by (rule) (count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" | pattern `\u003c_\u003e \u003crule\u003e by ip \u003c_\u003e` [6h])))",
"instant": true,
"refId": "A"
}
],
"title": "⚠️ Top 15 觸發規則 (Attack Scenarios)",
"transformations": [
{
"id": "labelsToFields",
"options": {
"mode": "columns"
}
},
{
"id": "organize",
"options": {
"excludeByName": {
"Time": true
},
"indexByName": {
"Value": 1,
"rule": 0
}
}
},
{
"id": "sortBy",
"options": {
"sort": [
{
"desc": true,
"field": "Value"
}
]
}
}
],
"type": "table"
},
{
"fieldConfig": {
"defaults": {
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 8,
"x": 0,
"y": 63
},
"id": 38,
"options": {
"legend": {
"displayMode": "table",
"placement": "right",
"values": [
"value",
"percent"
]
},
"pieType": "pie",
"tooltip": {
"mode": "single"
}
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "sum by (duration) (count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" | pattern `\u003c_\u003e : \u003cduration\u003e ban on Ip \u003c_\u003e` [6h]))",
"refId": "A"
}
],
"title": "⏱️ 封鎖時長分布 (Ban Duration)",
"type": "piechart"
},
{
"fieldConfig": {
"defaults": {
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 8,
"x": 8,
"y": 63
},
"id": 39,
"options": {
"legend": {
"displayMode": "table",
"placement": "right",
"values": [
"value",
"percent"
]
},
"pieType": "pie"
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "topk(10, sum by (country) (count_over_time({job=\"security/crowdsec-main\"} |~ \"ban on Ip\" | pattern `\u003c_\u003e (\u003ccountry\u003e/\u003c_\u003e` [6h])))",
"refId": "A"
}
],
"title": "🌎 攻擊來源國家分布",
"type": "piechart"
},
{
"fieldConfig": {
"defaults": {
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "yellow",
"value": 20
},
{
"color": "orange",
"value": 50
},
{
"color": "red",
"value": 100
}
]
},
"unit": "short"
}
},
"gridPos": {
"h": 8,
"w": 8,
"x": 16,
"y": 63
},
"id": 40,
"options": {
"displayMode": "gradient",
"orientation": "horizontal",
"showUnfilled": true
},
"targets": [
{
"datasource": {
"type": "loki",
"uid": "ef1qnibjxb5z4a"
},
"expr": "topk(8, sum by (events) (count_over_time({job=\"security/crowdsec-main\"} |~ \"performed\" | pattern `\u003c_\u003e (\u003cevents\u003e events over \u003c_\u003e` [6h])))",
"refId": "A"
}
],
"title": "📊 事件頻率統計 (Events per Attack)",
"type": "bargauge"
}
],
"refresh": "30s",
"schemaVersion": 42,
"tags": [
"crowdsec",
"security",
"firewall",
"loki"
],
"time": {
"from": "now-6h",
"to": "now"
},
"timezone": "browser",
"title": "CrowdSec Security Dashboard - GBarmub"
}
}
Reference in New Issue View Git Blame Copy Permalink